5 Things IT Pros Need to Know About SaaS Governance
- 26 February, 2013 16:14
Software as a service (SaaS) is a reality for IT shops of all shapes and sizes. CIOs and other IT leaders need the tools to manage their sprawling portfolios of SaaS applications with the same rigor they use for on-premise software.
Here are five SaaS facts of life every tech pro should know.
1. SaaS is here to stay. Software as a service (SaaS) is well past the curiosity stage and the hype cycle, with many companies now using several or even dozens of cloud services to run their business processes.
The IT challenge now is figuring out how to govern a company's growing SaaS portfolios with the same rigor and attention that's given to on-premise software.
2. There's an app for (managing) that. Software vendors are delivering more specialized SaaS products to help CIOs wrangle their cloud applications. Okta, for example, is a startup that provides a cloud-based identity-management platform that lets users sign into all their SaaS applications in one place.
It competes with vendors such as Ping Identity and with identity-management incumbents like CA Technologies. "The big gap I saw in the marketplace was that all the cloud companies were trying to sell directly to the business user," says Okta CEO Todd McKinnon. "It became clear to me that at some point, the CIO was going to be asked by the company to adopt and manage all this stuff."
3. It's more than just tools. SaaS governance involves much more than a shiny new management application, says analyst R "Ray" Wang, CEO of Constellation Research.
"What's often missing is the design of scenarios and use cases for the user roles," he notes. "What you really want is to understand how information is accessed and then work back from there."
4. Your users will thank you. Genomic Health, which develops diagnostic cancer tests, has aggressively adopted cloud applications--some 24 to date. The company is even moving to a cloud-based ERP, SAP's Business ByDesign, says Ken Stineman, senior director of enterprise architecture and security.
Genomic implemented Okta and found it to be "one of those rare security initiatives" that made users happier, Stineman says. "It made the access easier, got rid of all the sticky notes and helps us out on the compliance side."
5. There's no turning back. For a long time, CIOs had a concrete sense of their IT environment's boundaries, which usually took forms such as a secure data center or VPN. The advent of cloud computing and mobile access has expanded the company's IT security perimeter. SaaS vendors in general have more work to do in areas such as data encryption, says Stineman.
As Genomic considers new investments with SaaS vendors, "we're really doing a much more systematic evaluation to make sure they meet our goals," particularly security requirements, he says.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Queensland government to provide 200 services online by 2015
Call Centers Suffer From Big Data Overload
CIO 100: Carsales wins top gong for innovation
How to secure passwords and other critical numbers
Australian National University streamlines IT
At one point, it seemed that phishing was receding to the status of a minor issue threatening only naïve consumers. However new cybercriminals and phishing techniques have lead this to become a greater concern. Download how to find out how phishing became the No. 1 web threat, and which web security solution can best protect your company.
Power of Three: Building Mobile Initiatives Guided by Business Goals, Technology and Governance
The use of powerful mobile devices has become so widespread, industry leaders in almost every sector have embraced mobility solutions as central elements of their IT and business operations. As mobile budgets grow, so does the influence of business units on mobility strategy. However, without a comprehensive strategy that encompass business goals, policies and processes, then initiatives into mobility will struggle to deliver the expected benefits. Click to download!
The “Enterprisation” of Mobile Apps – Moving from Corporate Liability to Business Asset
Many companies have established mobility as a core strategic technology, deploying corporate liable devices and allowing personally liable devices to connect to their networks and back-office applications. Yet few companies have established a realistic strategy of how to make the apps being utilised by end users truly enterprise controlled, secured and managed. Download to find out more!